From 7e1d00c2ddace99c8c3bfce4bf2816a19fe6e894 Mon Sep 17 00:00:00 2001 From: JKornev <8bit.dosninja@gmail.com> Date: Mon, 5 Jul 2021 01:30:08 +0300 Subject: [PATCH] Fixed compilation errors on x64 arch --- Hidden/Helper.h | 2 +- Hidden/PsMonitor.c | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Hidden/Helper.h b/Hidden/Helper.h index 51b8c1f..6848636 100644 --- a/Hidden/Helper.h +++ b/Hidden/Helper.h @@ -79,7 +79,7 @@ VOID FreeInformation(PVOID Buffer); NTSTATUS NormalizeDevicePath(PCUNICODE_STRING Path, PUNICODE_STRING Normalized); -#define _LogMsg(lvl, lvlname, frmt, ...) DbgPrintEx(DPFLTR_IHVDRIVER_ID, lvl , "hidden!" __FUNCTION__ "[irql:%d,pid:%d][" lvlname "]: " frmt "\n", (ULONG)KeGetCurrentIrql(), (ULONG)PsGetCurrentProcessId(), __VA_ARGS__) +#define _LogMsg(lvl, lvlname, frmt, ...) DbgPrintEx(DPFLTR_IHVDRIVER_ID, lvl , "hidden!" __FUNCTION__ "[irql:%d,pid:%tu][" lvlname "]: " frmt "\n", (ULONG)KeGetCurrentIrql(), (ULONG_PTR)PsGetCurrentProcessId(), __VA_ARGS__) #define LogError(frmt, ...) _LogMsg(DPFLTR_ERROR_LEVEL, "error", frmt, __VA_ARGS__) #define LogWarning(frmt, ...) _LogMsg(DPFLTR_WARNING_LEVEL, "warning", frmt, __VA_ARGS__) diff --git a/Hidden/PsMonitor.c b/Hidden/PsMonitor.c index 46aa9b7..7efab14 100644 --- a/Hidden/PsMonitor.c +++ b/Hidden/PsMonitor.c 
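Review bot: The new `%tu` conversion in `_LogMsg` (and in every `LogInfo`/`LogTrace` string changed in Hidden/PsMonitor.c) uses the C99 `t` length modifier, and nothing in the patch shows that the kernel formatter behind `DbgPrintEx` accepts it. If it does not, the pid field and the arguments after it may be misprinted on x64, which matters because these lines are the driver's only record of which process touched which. The MSVC pointer-width prefix is the safer spelling for a `ULONG_PTR` argument: `"[irql:%d,pid:%Iu]["` here, and `%Iu` in place of `%tu` in the PsMonitor.c strings. Passing the uncast `HANDLE` with `%p` is an alternative if hexadecimal output is acceptable.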
@@ -129,11 +129,11 @@ OB_PREOP_CALLBACK_STATUS ProcessPreCallback(PVOID RegistrationContext, POB_PRE_O if (!CheckProtectedOperation(PsGetCurrentProcessId(), PsGetProcessId(OperationInformation->Object))) { - LogInfo("Allow protected process access from %d to %d", (ULONG)PsGetCurrentProcessId(), (ULONG)PsGetProcessId(OperationInformation->Object)); + LogInfo("Allow protected process access from %tu to %tu", (ULONG_PTR)PsGetCurrentProcessId(), (ULONG_PTR)PsGetProcessId(OperationInformation->Object)); return OB_PREOP_SUCCESS; } - LogTrace("Disallow protected process access from %d to %d", (ULONG)PsGetCurrentProcessId(), (ULONG)PsGetProcessId(OperationInformation->Object)); + LogTrace("Disallow protected process access from %tu to %tu", (ULONG_PTR)PsGetCurrentProcessId(), (ULONG_PTR)PsGetProcessId(OperationInformation->Object)); if (OperationInformation->Operation == OB_OPERATION_HANDLE_CREATE) OperationInformation->Parameters->CreateHandleInformation.DesiredAccess = (SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION); 
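Review bot: Both log calls in this hunk re-evaluate `PsGetCurrentProcessId()` and `PsGetProcessId(OperationInformation->Object)`, which the `CheckProtectedOperation` call just above already computed, so the x64 fix had to be repeated as four separate casts. Taking the values once, `HANDLE srcPid = PsGetCurrentProcessId();` and `HANDLE dstPid = PsGetProcessId(OperationInformation->Object);`, ties the access decision and the logged message to the same pair and leaves one cast per argument. ProcessPreCallback starts and ends outside the hunk, so where the locals can be declared is not visible here.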
@@ -153,21 +153,21 @@ OB_PREOP_CALLBACK_STATUS ThreadPreCallback(PVOID RegistrationContext, POB_PRE_OP if (OperationInformation->KernelHandle) return OB_PREOP_SUCCESS; - LogInfo("Thread object operation, destPid:%d, destTid:%d, srcPid:%d, oper:%s, space:%s", - (ULONG)PsGetThreadProcessId(OperationInformation->Object), - (ULONG)PsGetThreadId(OperationInformation->Object), - (ULONG)PsGetCurrentProcessId(), + LogInfo("Thread object operation, destPid:%tu, destTid:%tu, srcPid:%tu, oper:%s, space:%s", + (ULONG_PTR)PsGetThreadProcessId(OperationInformation->Object), + (ULONG_PTR)PsGetThreadId(OperationInformation->Object), + (ULONG_PTR)PsGetCurrentProcessId(), (OperationInformation->Operation == OB_OPERATION_HANDLE_CREATE ? "create" : "dup"), (OperationInformation->KernelHandle ? "kernel" : "user") ); if (!CheckProtectedOperation(PsGetCurrentProcessId(), PsGetThreadProcessId(OperationInformation->Object))) { - LogInfo("Allow protected thread access from %d to %d", (ULONG)PsGetCurrentProcessId(), (ULONG)PsGetThreadProcessId(OperationInformation->Object)); + LogInfo("Allow protected thread access from %tu to %tu", (ULONG_PTR)PsGetCurrentProcessId(), (ULONG_PTR)PsGetThreadProcessId(OperationInformation->Object)); return OB_PREOP_SUCCESS; } - LogTrace("Disallow protected thread access from %d to %d", (ULONG)PsGetCurrentProcessId(), (ULONG)PsGetThreadProcessId(OperationInformation->Object)); + LogTrace("Disallow protected thread access from %tu to %tu", (ULONG_PTR)PsGetCurrentProcessId(), (ULONG_PTR)PsGetThreadProcessId(OperationInformation->Object)); if (OperationInformation->Operation == OB_OPERATION_HANDLE_CREATE) OperationInformation->Parameters->CreateHandleInformation.DesiredAccess = (SYNCHRONIZE | THREAD_QUERY_LIMITED_INFORMATION);
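Review bot: The `space:%s` argument of the rewritten `LogInfo` call can only ever print "user", because the `if (OperationInformation->KernelHandle) return OB_PREOP_SUCCESS;` line directly above it has already returned for kernel handles. Either move the log above that check so kernel-handle operations are recorded as well, or drop `space:%s` together with its `(OperationInformation->KernelHandle ? "kernel" : "user")` argument so the message does not suggest a distinction it cannot report. ThreadPreCallback starts and ends outside the hunk.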